Last week, phishing scams compromise patient data, ransomware disrupts remote work, and employees struggle to deter cybersecurity threats while working from home.
United States – Ambry Genetics
Exploit: Phishing scam
Ambry Genetics: Genetic testing laboratory
Risk to Small Business: 1.373 = Extreme
An employee failed to identify a phishing scam, interacting with the message and giving hackers access to patient data between January 22, 2020, and January 24, 2020. However, the incident wasn’t reported until March 22nd, as the company struggled to dedicate resources to cybersecurity while it transitioned to remote work. In total, the breach is the second largest healthcare breach of the year, and, although the company is updating its cybersecurity practices in response to the incident, they will need to navigate a challenging recovery process during a pandemic
Individual Risk: 1.290 = Extreme
Hackers had access to patient data, including names, medical information, genetic-specific information, and a limited amount of Social Security numbers. This information has a strong market on the Dark Web, and those impacted by the breach should take steps to guard themselves against medical or identity theft. To support victims, Ambry Genetics is offering free identity monitoring services for a year. Also, those impacted by the breach should monitor their digital communications for potential spear-phishing messages that could compromise additional data.
Customers Impacted: 233,000
How it Could Affect Your Customers’ Business: Healthcare services collect and store peoples’ most sensitive personal information, and they are a top target for cybercriminals during the COVID-19 pandemic. Rather than reacting to a cybersecurity incident, companies should take a proactive stance to protect PII. The incredible rise in phishing scams targeting healthcare facilities during this time should make employee awareness training a top priority.
United States – CivicSmart
CivicSmart: Smart parking meter technology producer
Risk to Small Business: 2.130 = Severe
A ransomware attack encrypted CivicSmart’s network and exfiltrated company and customer data. The attack, which took place in March, was identified when hackers threatened to publish 159 gigabytes of sensitive data online. To prevent publication, the company paid an undisclosed ransom, and the files were brought offline. However, CivicSmart can’t rest easy. Despite promises to delete the information, it’s unlikely that cybercriminals will destroy valuable resources, which means that the stolen data could come back to haunt the company or its customers.
Individual Risk: 2.671 = Severe
Although the details are unclear, CivicSmart’s platform collects peoples’ personal and payment information as part of its smart parking meter service. What’s more, it partners with a variety of mobile apps and parking-garage vendors that could also be compromised in the breach. As a precaution, those impacted by the breach should notify their financial institutions of the incident, while carefully scrutinizing incoming messages for signs of a spear phishing scam.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Even before bad actors began exfiltrating data, ransomware attacks were uniquely costly and incredibly destructive. Today, companies can expect that a ransomware attack will double as a data breach, giving every organization millions of reasons to ensure that their networks are guarded against this especially problematic malware.
United States – Saint Francis Ministries
Exploit: Phishing scam
Saint Francis Ministries: Non-profit organization
Risk to Small Business: 1.583 = Severe
An employee interacted with a phishing scam that provided hackers with access to company IT. The breach, which was first identified on December 19, 2019, gave hackers access to user data between December 13, 2019, and December 20, 2019. However, it would be another two months before the organization understood the full scope of the breach. What’s more, it took until March 24, 2020, to determine that the breach included peoples’ personal data, and Saint Francis Ministries is just now notifying the public of the incident.
Individual Risk: 1.677 = Severe
The impacted email account contained peoples’ personally identifiable information, including names, Social Security numbers, dates of birth, driver’s license numbers, state ID information, bank account details, treatment and diagnosis information, account credentials, and other healthcare data. This comprehensive breach could have far-reaching ramifications for victims, who will need to protect themselves against future data misuse.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Whether hackers extract account credentials through phishing scams, purchase them on the Dark Web, or otherwise acquire this valuable data, organizations need to be prepared to protect accounts even when account information is compromised. Enabling easy-to-use tools like two-factor authentication is a natural first step.
United States – LearnPress
Exploit: Software vulnerability
LearnPress: WordPress plug-in
Risk to Small Business: 1.708 = Severe
Cybersecurity researchers identified flaws in the LearnPress plug-in that could allow hackers to access student information, steal money from course creators, or to alter their access privileges to become teachers. The popular WordPress plug-in is used by more than 100,000 schools, organizations, and content creators who rely on these digital services even more now that eLearning is the de-facto presentation method for nearly all students.
Individual Risk: At this time, there is no evidence that personal information was compromised in the breach. However, users should carefully monitor their accounts and credentials for misuse or abuse.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Developers took steps to repair the vulnerability, but businesses that want to thrive in our altered digital environment will need to identify threats before their products reach the public. As other organizations have discovered, the COVID-19 pandemic can be an excellent time to demonstrate strength or expose yourself to issues that will erode your brand’s image long after the crisis abates.
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
Many Employees Feel Vulnerable to Cyberattacks
A survey of more than 1,500 UK employees found widespread fear of becoming the victim of a cyberattack following the national order to impose social distancing and transition to remote work. 49% of respondents indicated that they lack confidence in their computer hardware, and 42% reported receiving a suspicious email while working from home.
Notably, 18% indicated that they’d experienced a cybersecurity event while working from home, and more than half of breach victims indicated a malicious email was to blame. Phishing attacks have soared, up over 600% in the wake of COVID-19.
While some participants felt that their employers provided helpful defensive tools, like antivirus software or access to a VPN service, only 28% received specific training for the endpoints and applications that comprise their workflow.
The risks of remote work are well-documented, and with this arrangement likely to continue for the foreseeable future, now is the perfect time to ensure that your employees have the tools necessary to protect your valuable data.
A Note From Kobargo
IT Leaders Recognize the Risks of Remote Work
The cybersecurity risks of remote work have received center-stage in light of the workplace restrictions in place because of COVID-19. However, these risks were well-known, even before COVID-19. According to a recent study, in 2019, nearly half of IT leaders admitted that remote workers had intentionally or accidentally put data security at risk. Most prominently, apathy or a failure to take security seriously was identified as one of the most substantial risks associated with remote work.
Simply put, many remote workers are not attuned to the data security risks experienced when working from home. In some cases, murky technology policies contribute to the risk, but other factors, like being unprepared to identify and respond to phishing scams, pose a significant threat to data security. Fortunately, companies can move the meter in this regard, as intentional strategies, like comprehensive employee awareness training, can equip employees to be a prominent defender of data security.
We have created a toolkit to help you secure your remote workforce quickly and affordably. Please don’t hesitate to contact my team to find out more about how our cybersecurity suite can help mitigate the risks of remote work.